Merge pull request #78 from jaywink/signature-fixes

Fix signature validation for Diaspora relayables

federation/entities/diaspora/mappers.py

@@ -1,5 +1,4 @@
 import logging
-import traceback
 from datetime import datetime
 
 from lxml import etree
@@ -90,7 +89,6 @@ def element_to_objects(element, sender_key_fetcher=None):
             "attrs": attrs,
             "transformed": transformed,
         })
-        logger.error(traceback.format_stack())
         return []
     # Do child elements
     for child in element:

federation/protocols/diaspora/signatures.py

@@ -23,7 +23,7 @@ def get_element_child_info(doc, attr):
 def _create_signature_hash(doc):
     props = get_element_child_info(doc, "text")
     content = ";".join(props)
-    return SHA256.new(content.encode("ascii"))
+    return SHA256.new(content.encode("utf-8"))
 
 
 def verify_relayable_signature(public_key, doc, signature):

federation/tests/protocols/diaspora/test_signatures.py

@@ -6,6 +6,10 @@ from federation.tests.fixtures.keys import get_dummy_private_key
 XML = "<comment><guid>0dd40d800db1013514416c626dd55703</guid><parent_guid>69ab2b83-aa69-4456-ad0a-dd669" \
       "7f54714</parent_guid><text>Woop Woop</text><diaspora_handle>jaywink@iliketoast.net</diaspora_handle></comment>"
 
+XML2 = "<comment><guid>d728fe501584013514526c626dd55703</guid><parent_guid>d641bd35-8142-414e-a12d-f956cc2c1bb9" \
+       "</parent_guid><text>What about the mystical problem with &#x1F44D; (pt2 with more logging)</text>" \
+       "<diaspora_handle>jaywink@iliketoast.net</diaspora_handle></comment>"
+
 SIGNATURE = "A/vVRxM3V1ceEH1JrnPOaIZGM3gMjw/fnT9TgUh3poI4q9eH95AIoig+3eTA8XFuGvuo0tivxci4e0NJ1VLVkl/aqp8rvBNrRI1RQk" \
             "n2WVF6zk15Gq6KSia/wyzyiJHGxNGM8oFY4qPfNp6K+8ydUti22J11tVBEvQn+7FPAoloF2Xz1waK48ZZCFs8Rxzj+4jlz1PmuXCnT" \
             "j7v7GYS1Rb6sdFz4nBSuVk5X8tGOSXIRYxPgmtsDRMRrvDeEK+v3OY6VnT8dLTckS0qCwTRUULub1CGwkz/2mReZk/M1W4EbUnugF5" \
@@ -14,7 +18,15 @@ SIGNATURE = "A/vVRxM3V1ceEH1JrnPOaIZGM3gMjw/fnT9TgUh3poI4q9eH95AIoig+3eTA8XFuGvu
             "qNofGkusuzZnCd0VObOpXizrI8xNQzZpjJEB5QqE2gbCC2YZNdOS0eBGXw42dAXa/QV3jZXGES7DdQlqPqqT3YjcMFLiRrWQR8cl4h" \
             "JIBRpV5piGyLmMMKYrWu7hQSrdRAEL3K6mNZZU6/yoG879LjtQbVwaFGPeT29B4zBE97FIo="
 
-SIGNATURE2 = "hVdLwsWXe6yVy88m9H1903+Bj/DjSGsYL+ZIpEz+G6u/aVx6QfsvnWHzasjqN8SU+brHfL0c8KrapWcACO+jyCuXlHMZb9zKmJkHR" \
+SIGNATURE2 = "Xla/AlirMihx72hehGMgpKILRUA2ZkEhFgVc65sl80iN+F62yQdSikGyUQVL+LaGNUgmzgK0zEahamfaMFep/9HE2FWuXlTCM+ZXx" \
+             "OhGWUnjkGW9vi41/Turm7ALzaJoFm1f3Iv4nh1sRD1jySzlZvYwrq4LwmgZ8r0M+Q6xUSIIJfgS8Zjmp43strKo28vKT+DmUKu9Fg" \
+             "jZWjW3S8WPPJFO0UqA0b1UQspmNLZOVxsNpa0OCM1pofJvT09n6xG+byV30Bed27Kw+D3fzfYq5xvohyeCyliTq8LHnOykecki3Y2" \
+             "Pvl1qsxxBehlwc/WH8yIUiwC2Du6zY61tN3LGgMAoIFl40Roo1z/I7YfOy4ZCukOGqqyiLdjoXxIVQqqsPtKsrVXS+A9OQ+sVESgw" \
+             "f8jeEIw/KXLVB/aEyrZJXQR1pBfqkOTCSnAfZVBSjJyxhanS/8iGmnRV5zz3auYMLR9aA8QHjV/VZOj0Bxhuba9VIzJlY9XoUt5Vs" \
+             "h3uILJM3uVJzSjlZV+Jw3O+NdQFnZyh7m1+eJUMQJ8i0Sr3sMLsdb9me/I0HueXCa5eBHAoTtAyQgS4uN4NMhvpqrB/lQCx7pqnkt" \
+             "xiCO/bUEZONQjWrvJT+EfD+I0UMFtPFiGDzJ0yi0Ah7LxSTGEGPFZHH5RgsJA8lJwGMCUtc9Cpy8A="
+
+SIGNATURE3 = "hVdLwsWXe6yVy88m9H1903+Bj/DjSGsYL+ZIpEz+G6u/aVx6QfsvnWHzasjqN8SU+brHfL0c8KrapWcACO+jyCuXlHMZb9zKmJkHR" \
              "FSOiprCJ3tqNpv/4MIa9CXu0YDqnLHBSyxS01luKw3EqgpWPQdYcqDpOkjjTOq45dQC0PGHA/DXjP7LBptV9AwW200LIcL5Li8tDU" \
              "a8VSQybspDDfDpXU3+Xl5tJIBVS4ercPczp5B39Cwne4q2gyj/Y5RdIoX5RMqmFhfucw1he38T1oRC9AHTJqj4CBcDt7gc6jPHuzk" \
              "N7u1eUf0IK3+KTDKsCkkoHcGaoxT+NeWcS8Ki1A=="
@@ -34,7 +46,12 @@ def test_verify_relayable_signature():
     assert verify_relayable_signature(PUBKEY, doc, SIGNATURE)
 
 
+def test_verify_relayable_signature_with_unicode():
+    doc = etree.XML(XML2)
+    assert verify_relayable_signature(PUBKEY, doc, SIGNATURE2)
+
+
 def test_create_relayable_signature():
     doc = etree.XML(XML)
     signature = create_relayable_signature(get_dummy_private_key(), doc)
-    assert signature == SIGNATURE2
+    assert signature == SIGNATURE3